If you absolutely hate trying to remember passwords for multiple accounts, you are not alone. Passwords are incredibly frustrating because it’s easy to have hundreds of accounts, and each account should have its own unique password with letters, numbers, and various symbols. For these reasons, Bitwarden is recommended. A password manager is an invaluable tool because it simplifies everything. Bitwarden can generate incredibly complex passwords and remember them; all you have to do is remember your Bitwarden password! If you are in the Apple ecosystem, Apple’s Passwords app is a great option as well.

While Bitwarden can reduce the number of passwords you need to remember, it is incredibly important to make sure that the passwords you do have to remember are sufficiently complex. The reason for this is complicated, but worth understanding. When you enter your password on a website, any website following good practices doesn’t save your password as it is; it hashes it. A hash is a mathematical algorithm that takes your input and produces a unique output that only your input will recreate. This adds complexity for anyone who gets hold of the stored value. Unlike encryption, which works two ways (you can encrypt a phrase or word and then decrypt it with the proper key), a hash has no means of being decrypted once it is created. An attacker who manages to steal your password hash cannot decrypt it, but they can still figure out what it is through other means! If someone retrieves your password hash, they can hash other words to see if they come out to be the same as your hashed password. There is a program used by security experts which can compare your password’s hash to millions of other hashed passwords in seconds. The most common word list used with this software is 14 million unique passwords long.

It is highly recommended you put any password you are considering using through a strength checker. If you need help developing a password strategy to make them longer, consider things important to you that may not be obvious from the outset. Once, as a password, I used my favorite video game character’s/item’s name followed by the # and how much it cost to purchase them: [Name]#[Value]. If you’re a fan of a science fiction or fantasy series, [Name]@[Planet] might be a good idea. It doesn’t have to be the planet the character is from, just something that is easy to remember or has personal meaning to you. Please don’t use this example, but Star Wars fans might recognize PrincessLeia@Alderaan as having significance. Leia isn’t from Alderaan, but it is safe to say that Alderaan shaped her character. There are some caveats. If you are into costume contests and are known for dressing like Princess Leia, obviously it would be best to pick a different character and probably series.
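
The hash comparison and the strength check described above, as an added example that is not part of the original article. It assumes plain unsalted SHA-256 and a five-entry constructed word list, and all function names are hypothetical.

```python
import hashlib

# Constructed sample word list; the real lists mentioned above hold millions.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "dragon"]


def hash_password(password: str) -> str:
    """Hash a password (assumption: unsalted SHA-256, for illustration only)."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def build_lookup(words) -> dict:
    """Hash every listed word once, keyed by hash, so matching is a comparison."""
    return {hash_password(word): word for word in words}


def is_listed(candidate: str, lookup: dict) -> bool:
    """Strength check: True if the candidate's hash matches a listed password."""
    return hash_password(candidate) in lookup


def audit(accounts: dict, lookup: dict) -> dict:
    """Map each account to the listed password its stored hash equals, else None.

    Nothing is decrypted: a match only means a listed word hashes to the
    same value as the stored hash.
    """
    return {user: lookup.get(stored) for user, stored in accounts.items()}


# Constructed account table: the site keeps only hashes, never the passwords.
ACCOUNTS = {
    "alice": hash_password("letmein"),
    "bob": hash_password("correct-horse-battery-staple-9471"),
}

if __name__ == "__main__":
    lookup = build_lookup(COMMON_PASSWORDS)
    for user, found in audit(ACCOUNTS, lookup).items():
        status = f"matches listed password {found!r}" if found else "no match in list"
        print(f"{user}: {status}")
    print("qwerty rejected at signup:", is_listed("qwerty", lookup))
```
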

Lastly, on the subject of password management, the website Have I Been Pwned? is a great way to see if any of your accounts have been compromised. When you enter your email, it checks known breaches and leaks and lets you know which accounts specifically have been compromised. If any accounts are compromised, the passwords for them should be changed immediately!